KnowBe4 Security Awareness Training Blog
Fake Apple Invoices
Posted by Stu Sjouwerman on Wed, Jan 23, 2013 @ 01:57 AM
Internet criminals are getting more and more inventive with their social engineering attacks. Here are two examples of fake Apple invoices. The first is an example from the Sophos blog showing a $699.99 charge for a postcard. The link "View/Download" ends in download.jpg.exe, while the "Cancel" and "Not your order" URLs end in check.php. The smart social engineering in these fakes is that the victim gets scammed either way: whether you are curious what this is about or upset about this seemingly unauthorized charge, you are still likely to click one of the links:
[Image: Fake Apple Invoice 1]
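As an added example (not from the original post, Sophos, or KnowBe4), this Python check flags links in an HTML message whose target ends in a decoy-plus-executable double extension such as download.jpg.exe. The extension lists, the function names, and the example.invalid host are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse, unquote
import posixpath

# Extensions that run code when opened on Windows (short, non-exhaustive; assumed list).
EXECUTABLE = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs"}
# Harmless-looking extensions used as a decoy in front of the real one (assumed list).
DECOY = {"jpg", "jpeg", "png", "gif", "pdf", "doc", "docx", "xls", "txt", "zip"}

class LinkCollector(HTMLParser):
    """Collect (link text, href) pairs from an HTML message body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def double_extension(url):
    """Return (decoy, real) if the URL path ends in e.g. .jpg.exe, else None."""
    name = posixpath.basename(unquote(urlparse(url).path)).lower().rstrip(". ")
    parts = name.split(".")
    if len(parts) >= 3 and parts[-1] in EXECUTABLE and parts[-2] in DECOY:
        return parts[-2], parts[-1]
    return None

def flag_links(html_body):
    """Return the links in an HTML body whose target hides an executable."""
    parser = LinkCollector()
    parser.feed(html_body)
    return [(text, href) for text, href in parser.links if double_extension(href)]

# Constructed sample modelled on the invoice described above; the host is a placeholder.
SAMPLE = """
<p>Order total: $699.99</p>
<a href="http://example.invalid/orders/download.jpg.exe">View/Download</a>
<a href="http://example.invalid/orders/check.php?id=1">Cancel</a>
<a href="http://example.invalid/orders/check.php?id=2">Not your order</a>
<a href="http://example.invalid/img/logo.jpg">Logo</a>
"""

if __name__ == "__main__":
    for text, href in flag_links(SAMPLE):
        print(f"suspicious link {text!r} -> {href}")
```

The check.php links carry no such marker in the URL itself, so this check does not cover them.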
This second fake invoice comes from the KnowBe4 simulated phishing attack templates database. Our customers get a few dozen ready-made templates they can send to their users after all users get security awareness training, to see who opens and who clicks, so that action can be taken in the form of additional training or a chat with that user's supervisor or HR. We track all opens and clicks of these simulated attacks so you can see the vastly improved scores over a period of time.
[Image: Fake Apple Invoice 2]
Tags: Security Awareness Training, Social Engineering, IT Security, Malware Infections